In an attempt to get the ball rolling on adding multi-protocol support to Kevin Cernekee's awesome Android port of OpenConnect (https://github.com/cernekee/ics-openconnect/issues/28)... :-D I've added support for listing, getting, and setting the supported protocols to the Java interface. It all seems to work fine in the Java test application, including the CSD/HIP support, after fixing a small bug causing the test application to crash when setting the CSD wrapper script. Here's a lightly-condensed log of connceting to a GP gateway with the Java test application. $ java -Djava.library.path=../.libs -jar dist/example.jar vpn.company.com gp OpenConnect version: v7.08-106-g578b23a-dirty PKCS=true, TSS=false, STOKEN=true, OATH=true, YUBIOATH=true Supported protocols: anyconnect) PRETTY_NAME=Cisco AnyConnect or openconnect, DESCRIPTION=Compatible with Cisco AnyConnect SSL VPN, as well as ocserv, FLAGS=proxy+CSD+auth-cert+auth-otp+auth-stoken nc) PRETTY_NAME=Juniper Network Connect, DESCRIPTION=Compatible with Juniper Network Connect / Pulse Secure SSL VPN, FLAGS=proxy+CSD+auth-cert+auth-otp+auth-stoken gp) PRETTY_NAME=Palo Alto Networks GlobalProtect, DESCRIPTION=Compatible with Palo Alto Networks (PAN) GlobalProtect SSL VPN, FLAGS=proxy+auth-cert+auth-otp+auth-stoken Setting VPN protocol to gp Using CSD wrapper script ./csd-gp.sh CSTP Cipher: null AuthForm: ... Username: my.username Password: ******** INFO: POST https://vpn.company.com/ssl-vpn/login.esp DEBUG: Attempting to connect to server 1.2.3.4:443 PROTECT_FD: 19 INFO: Connected to 1.2.3.4:443 INFO: SSL negotiation with vpn.company.com INFO: Connected to HTTPS on vpn.company.com DEBUG: Got HTTP response: HTTP/1.1 200 OK INFO: GlobalProtect login returned authentication-source=LDAP Cookie: authcookie=1a2c419b0448a173baacefc1d494d... ... INFO: POST https://vpn.company.com/ssl-vpn/hipreportcheck.esp DEBUG: Got HTTP response: HTTP/1.1 200 OK DEBUG: Date: Sun, 05 Aug 2018 23:19:07 GMT DEBUG: Gateway says HIP report submission is needed. INFO: POST https://vpn.company.com/ssl-vpn/hipreport.esp DEBUG: Got HTTP response: HTTP/1.1 200 OK INFO: HIP report submitted successfully. IPInfo: +-IPv4: 10.0.0.221 / 255.255.255.255 +-IPv6: null / null +-Domain: company.com +-proxy.pac: null +-Gateway IP: 1.2.3.4 +-MTU: 1422 +-DNS: 10.0.0.1 / 10.0.0.2 +-NBNS: 10.0.0.1 / 10.0.0.2 +-Split DNS: <empty> +-Split includes: ... +-Split excludes: <empty> DEBUG: Send ESP probes PROTECT_FD: 21 SETUP_TUN INFO: ESP session established with server INFO: ESP tunnel connected; exiting HTTPS mainloop. DEBUG: Send ESP probes for DPD Thanks, Dan Daniel Lenski (5): add missing OC_PROTO_CSD flag to GP protocol include openconnect_get_protocol method for completeness add getProtocol, setProtocol, getSupportedProtocols, and VPNProto to Java bindings fix segfault in Java library test application describe and set protocol in Java test application java/README | 2 +- java/src/com/example/LibTest.java | 44 +++++++++++-- .../infradead/libopenconnect/LibOpenConnect.java | 16 +++++ jni.c | 72 +++++++++++++++++++++- libopenconnect.map.in | 1 + library.c | 7 ++- openconnect.h | 2 + 7 files changed, 135 insertions(+), 9 deletions(-) -- 2.7.4
